bool OnWebRequest(CWebSock& WebSock, const CString& sPageName,
CTemplate& Tmpl) override {
if (sPageName != "index") {
// only accept requests to index
return false;
}
if (WebSock.IsPost()) {
SetNV("username", WebSock.GetParam("username"));
CString sPassword = WebSock.GetParam("password");
if (!sPassword.empty()) {
SetNV("password", sPassword);
}
SetNV(NV_REQUIRE_AUTH, WebSock.GetParam("require_auth"));
SetNV(NV_MECHANISMS, WebSock.GetParam("mechanisms"));
}
Tmpl["Username"] = GetNV("username");
Tmpl["Password"] = GetNV("password");
Tmpl["RequireAuth"] = GetNV(NV_REQUIRE_AUTH);
Tmpl["Mechanisms"] = GetMechanismsString();
for (const auto& it : SupportedMechanisms) {
CTemplate& Row = Tmpl.AddRow("MechanismLoop");
CString sName(it.szName);
Row["Name"] = sName;
Row["Description"] = CString(it.szDescription);
}
return true;
}
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
if (sPageName.empty() || sPageName == "index") {
bool bSubmitted = (WebSock.GetParam("submitted").ToInt() != 0);
const vector<CChan*>& Channels = m_pUser->GetChans();
for (unsigned int c = 0; c < Channels.size(); c++) {
const CString sChan = Channels[c]->GetName();
bool bStick = FindNV(sChan) != EndNV();
if(bSubmitted) {
bool bNewStick = WebSock.GetParam("stick_" + sChan).ToBool();
if(bNewStick && !bStick)
SetNV(sChan, ""); // no password support for now unless chansaver is active too
else if(!bNewStick && bStick) {
MCString::iterator it = FindNV(sChan);
if(it != EndNV())
DelNV(it);
}
bStick = bNewStick;
}
CTemplate& Row = Tmpl.AddRow("ChannelLoop");
Row["Name"] = sChan;
Row["Sticky"] = CString(bStick);
}
if(bSubmitted) {
WebSock.GetSession()->AddSuccess("Changes have been saved!");
}
return true;
}
return false;
}
bool OnWebRequest(CWebSock& WebSock, const CString& sPageName,
CTemplate& Tmpl) override {
if (sPageName != "index") {
// only accept requests to index
return false;
}
if (WebSock.IsPost()) {
VCString vsPerf;
WebSock.GetRawParam("perform", true).Split("\n", vsPerf, false);
m_vPerform.clear();
for (const CString& sPerf : vsPerf)
m_vPerform.push_back(ParsePerform(sPerf));
Save();
}
for (const CString& sPerf : m_vPerform) {
CTemplate& Row = Tmpl.AddRow("PerformLoop");
Row["Perform"] = sPerf;
}
return true;
}
CString SafeGetUserNameParam(CWebSock& WebSock) {
CString sUserName = WebSock.GetParam("user"); // check for POST param
if(sUserName.empty() && !WebSock.IsPost()) {
// if no POST param named user has been given and we are not
// saving this form, fall back to using the GET parameter.
sUserName = WebSock.GetParam("user", false);
}
return sUserName;
}
CString SafeGetNetworkParam(CWebSock& WebSock) {
CString sNetwork = WebSock.GetParam("network"); // check for POST param
if(sNetwork.empty() && !WebSock.IsPost()) {
// if no POST param named user has been given and we are not
// saving this form, fall back to using the GET parameter.
sNetwork = WebSock.GetParam("network", false);
}
return sNetwork;
}
bool OnEmbeddedWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
if (sPageName == "webadmin/network" && WebSock.GetSession()->IsAdmin()) {
CString sAction = Tmpl["WebadminAction"];
CIRCNetwork* pNetwork = SafeGetNetworkFromParam(WebSock);
if(pNetwork) {
if (sAction == "display") {
Tmpl["CGIEnabled"] = CString(IsEnabled(Tmpl["Username"], pNetwork->GetName()));
return true;
}
if (sAction == "change" && WebSock.GetParam("embed_cgiirc_presented").ToBool()) {
if (WebSock.GetParam("embed_cgiirc_enable").ToBool()) {
if (!WebSock.GetParam("embed_cgiirc_old").ToBool()) {
if (Enable(Tmpl["Username"], pNetwork)) {
WebSock.GetSession()->AddSuccess("CGI:IRC Enabled [" + Tmpl["Username"] + "/" + pNetwork->GetName() + "]");
} else {
WebSock.GetSession()->AddError("Couldn't enable CGI:IRC [" + Tmpl["Username"] + "/" + pNetwork->GetName() + "]");
}
}
} else if (WebSock.GetParam("embed_cgiirc_old").ToBool()){
if (DelNV("Enabled_" + Tmpl["Username"] + "/" + pNetwork->GetName())) {
WebSock.GetSession()->AddSuccess("CGI:IRC Disabled [" + Tmpl["Username"] + "/" + pNetwork->GetName() + "]");
} else {
WebSock.GetSession()->AddError("User [" + Tmpl["Username"] + "/" + pNetwork->GetName() + "] does not have CGI:IRC enabled");
}
}
return true;
}
}
}
return false;
}
bool ChanPage(CWebSock& WebSock, CTemplate& Tmpl, CIRCNetwork* pNetwork, CChan* pChan = NULL) {
CSmartPtr<CWebSession> spSession = WebSock.GetSession();
Tmpl.SetFile("add_edit_chan.tmpl");
CUser* pUser = pNetwork->GetUser();
if (!pUser) {
WebSock.PrintErrorPage("That user doesn't exist");
return true;
}
if (!WebSock.GetParam("submitted").ToUInt()) {
Tmpl["User"] = pUser->GetUserName();
Tmpl["Network"] = pNetwork->GetName();
if (pChan) {
Tmpl["Action"] = "editchan";
Tmpl["Edit"] = "true";
Tmpl["Title"] = "Edit Channel" + CString(" [" + pChan->GetName() + "]");
Tmpl["ChanName"] = pChan->GetName();
Tmpl["BufferCount"] = CString(pChan->GetBufferCount());
Tmpl["DefModes"] = pChan->GetDefaultModes();
Tmpl["Key"] = pChan->GetKey();
if (pChan->InConfig()) {
Tmpl["InConfig"] = "true";
}
} else {
Tmpl["Action"] = "addchan";
Tmpl["Title"] = "Add Channel" + CString(" for User [" + pUser->GetUserName() + "]");
Tmpl["BufferCount"] = CString(pUser->GetBufferCount());
Tmpl["DefModes"] = CString(pUser->GetDefaultChanModes());
Tmpl["InConfig"] = "true";
}
// o1 used to be AutoCycle which was removed
CTemplate& o2 = Tmpl.AddRow("OptionLoop");
o2["Name"] = "keepbuffer";
o2["DisplayName"] = "Keep Buffer";
if ((pChan && pChan->KeepBuffer()) || (!pChan && pUser->KeepBuffer())) { o2["Checked"] = "true"; }
CTemplate& o3 = Tmpl.AddRow("OptionLoop");
o3["Name"] = "detached";
o3["DisplayName"] = "Detached";
if (pChan && pChan->IsDetached()) { o3["Checked"] = "true"; }
FOR_EACH_MODULE(i, pUser) {
CTemplate& mod = Tmpl.AddRow("EmbeddedModuleLoop");
mod.insert(Tmpl.begin(), Tmpl.end());
mod["WebadminAction"] = "display";
if ((*i)->OnEmbeddedWebRequest(WebSock, "webadmin/channel", mod)) {
mod["Embed"] = WebSock.FindTmpl(*i, "WebadminChan.tmpl");
mod["ModName"] = (*i)->GetModName();
}
}
void CWebAuth::AcceptedLogin(CUser& User) {
if (m_pWebSock) {
CSmartPtr<CWebSession> spSession = m_pWebSock->GetSession();
spSession->SetUser(&User);
m_pWebSock->SetLoggedIn(true);
m_pWebSock->UnPauseRead();
m_pWebSock->Redirect("/?cookie_check=true");
DEBUG("Successful login attempt ==> USER [" + User.GetUserName() + "] ==> SESSION [" + spSession->GetId() + "]");
}
}
void CWebAuth::RefusedLogin(const CString& sReason) {
if (m_pWebSock) {
CSmartPtr<CWebSession> spSession = m_pWebSock->GetSession();
spSession->AddError("Invalid login!");
spSession->SetUser(NULL);
m_pWebSock->SetLoggedIn(false);
m_pWebSock->UnPauseRead();
m_pWebSock->Redirect("/?cookie_check=true");
DEBUG("UNSUCCESSFUL login attempt ==> REASON [" + sReason + "] ==> SESSION [" + spSession->GetId() + "]");
}
}
bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) override {
if (sPageName == "index") {
CModules& GModules = CZNC::Get().GetModules();
Tmpl["WebAdminLoaded"] = CString(GModules.FindModule("webadmin") != nullptr);
MTimeMulti mmSorted;
const MUsers& mUsers = CZNC::Get().GetUserMap();
for (MUsers::const_iterator uit = mUsers.begin(); uit != mUsers.end(); ++uit) {
mmSorted.insert(pair<time_t, CUser*>(GetTime(uit->second), uit->second));
}
for (MTimeMulti::const_iterator it = mmSorted.begin(); it != mmSorted.end(); ++it) {
CUser *pUser = it->second;
CTemplate& Row = Tmpl.AddRow("UserLoop");
Row["Username"] = pUser->GetUserName();
Row["IsSelf"] = CString(pUser == WebSock.GetSession()->GetUser());
Row["LastSeen"] = FormatLastSeen(pUser, "never");
}
return true;
}
return false;
}
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
if (sPageName == "index") {
if (WebSock.IsPost()) {
CUser *pUser = CZNC::Get().FindUser(WebSock.GetParam("user"));
bool bOutgoing = WebSock.GetParam("direction") == "out";
const CString sLine = WebSock.GetParam("line");
if (!pUser) {
Tmpl["user"] = WebSock.GetParam("user");
Tmpl[bOutgoing ? "direction_out" : "direction_in"] = "true";
Tmpl["line"] = sLine;
WebSock.GetSession()->AddError("User not found");
return true;
}
if (bOutgoing) {
pUser->PutIRC(sLine);
} else {
pUser->PutUser(sLine);
}
WebSock.GetSession()->AddSuccess("Line sent");
}
const map<CString,CUser*>& msUsers = CZNC::Get().GetUserMap();
for (map<CString,CUser*>::const_iterator it = msUsers.begin(); it != msUsers.end(); ++it) {
CTemplate& l = Tmpl.AddRow("UserLoop");
l["Username"] = (*it->second).GetUserName();
}
return true;
}
return false;
}
bool OnWebRequest(CWebSock& WebSock, const CString& sPageName,
CTemplate& Tmpl) override {
if (sPageName != "index") {
// only accept requests to index
return false;
}
if (WebSock.IsPost()) {
// print the text we just recieved
CString text = WebSock.GetRawParam("text", true);
WebSock.PrintHeader(text.length(), "text/plain; charset=UTF-8");
WebSock.Write(text);
WebSock.Close(Csock::CLT_AFTERWRITE);
return false;
}
return true;
}
virtual bool OnEmbeddedWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
if (sPageName == "webadmin/user" && WebSock.GetSession()->IsAdmin()) {
CUser* pUser = CZNC::Get().FindUser(Tmpl["Username"]);
if (pUser) {
Tmpl["LastSeen"] = FormatLastSeen(pUser);
}
return true;
}
return false;
}
void CWebAuth::RefusedLogin(const CString& sReason) {
if (m_pWebSock) {
std::shared_ptr<CWebSession> spSession = m_pWebSock->GetSession();
spSession->AddError("Invalid login!");
spSession->SetUser(nullptr);
m_pWebSock->SetLoggedIn(false);
m_pWebSock->UnPauseRead();
if (m_bBasic) {
m_pWebSock->AddHeader("WWW-Authenticate", "Basic realm=\"ZNC\"");
m_pWebSock->CHTTPSock::PrintErrorPage(401, "Unauthorized", "HTTP Basic authentication attemped with invalid credentials");
// Why CWebSock makes this function protected?..
} else {
m_pWebSock->Redirect("/?cookie_check=true");
}
DEBUG("UNSUCCESSFUL login attempt ==> REASON [" + sReason + "] ==> SESSION [" + spSession->GetId() + "]");
}
}
virtual bool OnEmbeddedWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
if (sPageName == "webadmin/channel") {
CString sChan = Tmpl["ChanName"];
bool bStick = FindNV(sChan) != EndNV();
if (Tmpl["WebadminAction"].Equals("display")) {
Tmpl["Sticky"] = CString(bStick);
} else if (WebSock.GetParam("embed_stickychan_presented").ToBool()) {
bool bNewStick = WebSock.GetParam("embed_stickychan_sticky").ToBool();
if(bNewStick && !bStick) {
SetNV(sChan, ""); // no password support for now unless chansaver is active too
WebSock.GetSession()->AddSuccess("Channel become sticky!");
} else if(!bNewStick && bStick) {
DelNV(sChan);
WebSock.GetSession()->AddSuccess("Channel stopped being sticky!");
}
}
return true;
}
return false;
}
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
if (sPageName == "index") {
for (MCString::iterator it = BeginNV(); it != EndNV(); ++it) {
CTemplate& Row = Tmpl.AddRow("NotesLoop");
Row["Key"] = it->first;
Row["Note"] = it->second;
}
return true;
} else if (sPageName == "delnote") {
DelNote(WebSock.GetParam("key", false));
WebSock.Redirect("/mods/notes/");
return true;
} else if (sPageName == "addnote") {
AddNote(WebSock.GetParam("key"), WebSock.GetParam("note"));
WebSock.Redirect("/mods/notes/");
return true;
}
return false;
}
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
if (sPageName == "index") {
bool bSubmitted = (WebSock.GetParam("submitted").ToInt() != 0);
if (bSubmitted) {
CString FormUsername = WebSock.GetParam("user");
if (!FormUsername.empty())
SetUsername(FormUsername);
CString FormPassword = WebSock.GetParam("password");
if (!FormPassword.empty())
SetPassword(FormPassword);
SetUseCloakedHost(WebSock.GetParam("usecloakedhost").ToBool());
SetUseChallenge(WebSock.GetParam("usechallenge").ToBool());
SetRequestPerms(WebSock.GetParam("requestperms").ToBool());
SetJoinOnInvite(WebSock.GetParam("joinoninvite").ToBool());
}
Tmpl["Username"] = m_sUsername;
CTemplate& o1 = Tmpl.AddRow("OptionLoop");
o1["Name"] = "usecloakedhost";
o1["DisplayName"] = "UseCloakedHost";
o1["Tooltip"] = "Whether to cloak your hostname (+x) automatically on connect.";
o1["Checked"] = CString(m_bUseCloakedHost);
CTemplate& o2 = Tmpl.AddRow("OptionLoop");
o2["Name"] = "usechallenge";
o2["DisplayName"] = "UseChallenge";
o2["Tooltip"] = "Whether to use the CHALLENGEAUTH mechanism to avoid sending passwords in cleartext.";
o2["Checked"] = CString(m_bUseChallenge);
CTemplate& o3 = Tmpl.AddRow("OptionLoop");
o3["Name"] = "requestperms";
o3["DisplayName"] = "RequestPerms";
o3["Tooltip"] = "Whether to request voice/op from Q on join/devoice/deop.";
o3["Checked"] = CString(m_bRequestPerms);
CTemplate& o4 = Tmpl.AddRow("OptionLoop");
o4["Name"] = "joinoninvite";
o4["DisplayName"] = "JoinOnInvite";
o4["Tooltip"] = "Whether to join channels when Q invites you.";
o4["Checked"] = CString(m_bJoinOnInvite);
if (bSubmitted) {
WebSock.GetSession()->AddSuccess("Changes have been saved!");
}
return true;
}
return false;
}
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
if (sPageName == "index") {
Tmpl["Cert"] = CString(HasPemFile());
return true;
} else if (sPageName == "update") {
CFile fPemFile(PemFile());
if (fPemFile.Open(O_WRONLY | O_TRUNC | O_CREAT)) {
fPemFile.Write(WebSock.GetParam("cert", true, ""));
fPemFile.Close();
}
WebSock.Redirect("/mods/cert/");
return true;
} else if (sPageName == "delete") {
CFile::Delete(PemFile());
WebSock.Redirect("/mods/cert/");
return true;
}
return false;
}
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
if (sPageName == "index") {
if (WebSock.IsPost()) {
CUser *pUser = CZNC::Get().FindUser(WebSock.GetParam("user").Token(0, false, "/"));
if (!pUser) {
WebSock.GetSession()->AddError("User not found");
return true;
}
CIRCNetwork *pNetwork = pUser->FindNetwork(WebSock.GetParam("user").Token(1, false, "/"));
if (!pNetwork) {
WebSock.GetSession()->AddError("Network not found");
return true;
}
bool bToServer = WebSock.GetParam("send_to") == "server";
const CString sLine = WebSock.GetParam("line");
Tmpl["user"] = pUser->GetUserName();
Tmpl[bToServer ? "to_server" : "to_client"] = "true";
Tmpl["line"] = sLine;
if (bToServer) {
pNetwork->PutIRC(sLine);
} else {
pNetwork->PutUser(sLine);
}
WebSock.GetSession()->AddSuccess("Line sent");
}
const map<CString,CUser*>& msUsers = CZNC::Get().GetUserMap();
for (map<CString,CUser*>::const_iterator it = msUsers.begin(); it != msUsers.end(); ++it) {
CTemplate& l = Tmpl.AddRow("UserLoop");
l["Username"] = (*it->second).GetUserName();
vector<CIRCNetwork*> vNetworks = (*it->second).GetNetworks();
for (vector<CIRCNetwork*>::const_iterator it2 = vNetworks.begin(); it2 != vNetworks.end(); ++it2) {
CTemplate& NetworkLoop = l.AddRow("NetworkLoop");
NetworkLoop["Username"] = (*it->second).GetUserName();
NetworkLoop["Network"] = (*it2)->GetName();
}
}
return true;
}
return false;
}
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
CUser *pUser = WebSock.GetSession()->GetUser();
if (sPageName == "index") {
MSCString::iterator it = m_PubKeys.find(pUser->GetUserName());
if (it != m_PubKeys.end()) {
SCString::iterator it2;
for (it2 = it->second.begin(); it2 != it->second.end(); ++it2) {
CTemplate& row = Tmpl.AddRow("KeyLoop");
row["Key"] = *it2;
}
}
return true;
} else if (sPageName == "add") {
AddKey(pUser, WebSock.GetParam("key"));
WebSock.Redirect(GetWebPath());
return true;
} else if (sPageName == "delete") {
MSCString::iterator it = m_PubKeys.find(pUser->GetUserName());
if (it != m_PubKeys.end()) {
if (it->second.erase(WebSock.GetParam("key", false))) {
if (it->second.size() == 0) {
m_PubKeys.erase(it);
}
Save();
}
}
WebSock.Redirect(GetWebPath());
return true;
}
return false;
}
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
if (sPageName != "index") {
// only accept requests to /mods/perform/
return false;
}
if (WebSock.IsPost()) {
VCString vsPerf;
WebSock.GetRawParam("perform", true).Split("\n", vsPerf, false);
m_vPerform.clear();
for (VCString::const_iterator it = vsPerf.begin(); it != vsPerf.end(); ++it)
m_vPerform.push_back(ParsePerform(*it));
Save();
}
for (VCString::const_iterator it = m_vPerform.begin(); it != m_vPerform.end(); ++it) {
CTemplate& Row = Tmpl.AddRow("PerformLoop");
Row["Perform"] = *it;
}
return true;
}
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
if (sPageName == "index") {
CModules& GModules = CZNC::Get().GetModules();
Tmpl["WebAdminLoaded"] = CString(GModules.FindModule("webadmin") != NULL);
MTimeMulti mmSorted;
const MUsers& mUsers = CZNC::Get().GetUserMap();
for (MUsers::const_iterator uit = mUsers.begin(); uit != mUsers.end(); ++uit) {
mmSorted.insert(pair<time_t, CUser*>(GetTime(uit->second), uit->second));
}
for (MTimeMulti::const_iterator it = mmSorted.begin(); it != mmSorted.end(); ++it) {
CUser *pUser = it->second;
CTemplate& Row = Tmpl.AddRow("UserLoop");
Row["Username"] = pUser->GetUserName();
Row["IsSelf"] = CString(pUser == WebSock.GetSession()->GetUser());
Row["LastSeen"] = FormatLastSeen(pUser, "never");
Row["Info"] = CString(pUser->GetClients().size()) +
" client" + CString(pUser->GetClients().size() == 1 ? "" : "s");
if (!pUser->IsIRCConnected()) {
Row["Info"] += ", not connected to IRC";
} else {
unsigned int uChans = 0;
const vector<CChan*>& vChans = pUser->GetChans();
for (unsigned int a = 0; a < vChans.size(); ++a) {
if (vChans[a]->IsOn()) ++uChans;
}
unsigned int n = uChans;
Row["Info"] += ", joined to " + CString(uChans);
if(uChans != vChans.size()) {
Row["Info"] += " out of " + CString(vChans.size()) + " configured";
n = vChans.size();
}
Row["Info"] += " channel" + CString(n == 1 ? "" : "s");
}
}
return true;
}
return false;
}
bool CLogMod::OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
CFile LogFile(m_sLogPath);
CDir LogDir (LogFile.GetDir());
for(std::vector<CFile*>::iterator it = LogDir.begin(); it != LogDir.end(); ++it) {
CTemplate& Row = Tmpl.AddRow("LogsLoop");
Row["File"] = (**it).GetShortName();
}
if (WebSock.HasParam("file", false)) {
CString path = CDir::CheckPathPrefix(GetSavePath(), LogFile.GetDir() + WebSock.GetParam("file", false));
if (path.empty()) {
WebSock.PrintErrorPage("Invalid Path");
return true;
}
CFile DisplayFile(path);
CString content;
DisplayFile.Open();
int PageSize = 1024 * 1024;
int Page = 0;
if (WebSock.HasParam("page", false)) {
Page = WebSock.GetParam("page", false).ToInt();
DisplayFile.Seek(Page * PageSize);
}
Tmpl["Prev"] = CString(Page - 1);
Tmpl["Next"] = CString(Page + 1);
Tmpl["Curr"] = WebSock.GetParam("file", false);
DisplayFile.ReadFile(content, PageSize);
DisplayFile.Close();
Tmpl["Log"] = content;
}
return true;
}
// Provides GUI to configure this module by adding a widget to user page in webadmin.
bool OnEmbeddedWebRequest(CWebSock& WebSock, const CString& sPageName,
CTemplate& Tmpl) override {
if (sPageName == "webadmin/user" && WebSock.GetSession()->IsAdmin()) {
CString sAction = Tmpl["WebadminAction"];
if (sAction == "display") {
Tmpl["Blocked"] = CString(IsBlocked(Tmpl["Username"]));
Tmpl["Self"] = CString(Tmpl["Username"].Equals(
WebSock.GetSession()->GetUser()->GetUserName()));
return true;
}
if (sAction == "change" &&
WebSock.GetParam("embed_blockuser_presented").ToBool()) {
if (Tmpl["Username"].Equals(
WebSock.GetSession()->GetUser()->GetUserName()) &&
WebSock.GetParam("embed_blockuser_block").ToBool()) {
WebSock.GetSession()->AddError("You can't block yourself");
} else if (WebSock.GetParam("embed_blockuser_block").ToBool()) {
if (!WebSock.GetParam("embed_blockuser_old").ToBool()) {
if (Block(Tmpl["Username"])) {
WebSock.GetSession()->AddSuccess(
"Blocked [" + Tmpl["Username"] + "]");
} else {
WebSock.GetSession()->AddError(
"Couldn't block [" + Tmpl["Username"] + "]");
}
}
} else if (WebSock.GetParam("embed_blockuser_old").ToBool()) {
if (DelNV(Tmpl["Username"])) {
WebSock.GetSession()->AddSuccess(
"Unblocked [" + Tmpl["Username"] + "]");
} else {
WebSock.GetSession()->AddError(
"User [" + Tmpl["Username"] + "is not blocked");
}
}
return true;
}
}
return false;
}
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
CSmartPtr<CWebSession> spSession = WebSock.GetSession();
if (!m_sSalt.empty()) {
Tmpl["Verify"] = "yes";
Tmpl["Code"] = WebSock.GetParam("code", false);
Tmpl["Username"] = WebSock.GetParam("user", false);
}
if (!WebSock.GetParam("submitted").ToUInt()) {
return true;
}
CString sUsername = WebSock.GetParam("user");
if (CZNC::Get().FindUser(sUsername)) {
WebSock.PrintErrorPage("Invalid Submission [User " + sUsername + " already exists]");
return true;
}
CUser* pNewUser = GetNewUser(WebSock);
if (!pNewUser) {
return true;
}
CString sErr;
CString sAction;
// Add User Submission
if (!CZNC::Get().AddUser(pNewUser, sErr)) {
delete pNewUser;
WebSock.PrintErrorPage("Invalid submission [" + sErr + "]");
return true;
}
sAction = "added";
CTemplate TmplMod;
TmplMod["Username"] = sUsername;
TmplMod["WebadminAction"] = "change";
if (!CZNC::Get().WriteConfig()) {
WebSock.PrintErrorPage("User " + sAction + ", but config was not written");
return true;
}
spSession->SetUser(pNewUser);
WebSock.SetLoggedIn(true);
WebSock.UnPauseRead();
WebSock.Redirect("/?cookie_check=true");
return false;
}
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) {
CSmartPtr<CWebSession> spSession = WebSock.GetSession();
if (sPageName == "settings") {
// Admin Check
if (!spSession->IsAdmin()) {
return false;
}
return SettingsPage(WebSock, Tmpl);
} else if (sPageName == "adduser") {
// Admin Check
if (!spSession->IsAdmin()) {
return false;
}
return UserPage(WebSock, Tmpl);
} else if (sPageName == "editchan") {
CUser* pUser = SafeGetUserFromParam(WebSock);
// Admin||Self Check
if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pUser)) {
return false;
}
if (!pUser) {
WebSock.PrintErrorPage("No such username");
return true;
}
CString sChan = WebSock.GetParam("name");
if(sChan.empty() && !WebSock.IsPost()) {
sChan = WebSock.GetParam("name", false);
}
CChan* pChan = pUser->FindChan(sChan);
if (!pChan) {
WebSock.PrintErrorPage("No such channel");
return true;
}
return ChanPage(WebSock, Tmpl, pUser, pChan);
} else if (sPageName == "addchan") {
CUser* pUser = SafeGetUserFromParam(WebSock);
// Admin||Self Check
if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pUser)) {
return false;
}
if (pUser) {
return ChanPage(WebSock, Tmpl, pUser);
}
WebSock.PrintErrorPage("No such username");
return true;
} else if (sPageName == "delchan") {
CUser* pUser = CZNC::Get().FindUser(WebSock.GetParam("user", false));
// Admin||Self Check
if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pUser)) {
return false;
}
if (pUser) {
return DelChan(WebSock, pUser);
}
WebSock.PrintErrorPage("No such username");
return true;
} else if (sPageName == "deluser") {
if (!spSession->IsAdmin()) {
return false;
}
if (!WebSock.IsPost()) {
// Show the "Are you sure?" page:
CString sUser = WebSock.GetParam("user", false);
CUser* pUser = CZNC::Get().FindUser(sUser);
if (!pUser) {
WebSock.PrintErrorPage("No such username");
return true;
}
Tmpl.SetFile("del_user.tmpl");
Tmpl["Username"] = sUser;
return true;
}
// The "Are you sure?" page has been submitted with "Yes",
// so we actually delete the user now:
CString sUser = WebSock.GetParam("user");
CUser* pUser = CZNC::Get().FindUser(sUser);
if (pUser && pUser == spSession->GetUser()) {
WebSock.PrintErrorPage("Please don't delete yourself, suicide is not the answer!");
return true;
} else if (CZNC::Get().DeleteUser(sUser)) {
WebSock.Redirect("listusers");
return true;
}
WebSock.PrintErrorPage("No such username");
return true;
} else if (sPageName == "edituser") {
CString sUserName = SafeGetUserNameParam(WebSock);
CUser* pUser = CZNC::Get().FindUser(sUserName);
if(!pUser) {
if(sUserName.empty()) {
pUser = spSession->GetUser();
} // else: the "no such user" message will be printed.
}
// Admin||Self Check
if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pUser)) {
return false;
}
if (pUser) {
return UserPage(WebSock, Tmpl, pUser);
}
WebSock.PrintErrorPage("No such username");
return true;
} else if (sPageName == "listusers" && spSession->IsAdmin()) {
return ListUsersPage(WebSock, Tmpl);
} else if (sPageName == "traffic" && spSession->IsAdmin()) {
return TrafficPage(WebSock, Tmpl);
} else if (sPageName.empty() || sPageName == "index") {
return true;
}
return false;
}
